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The MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

• If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

• Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)K Responsive to communication(s) filed on 10 December 0203 . 
2a)K This action is FINAL. 2b)Q This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) Q Claim(s) 1-25 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) K Claim(s) 1-25 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10) D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

1 1) D The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12) D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)Q None of: 

1 .□ Certified copies of the priority documents have been received. 

20 Certified copies of the priority documents have been received in Application No. . 
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application from the International Bureau (PCT Rule 17.2(a)). 
See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

Claims 1-25 are presented. 

Response to Arguments 

Applicant's arguments filed 12/10/203 have been fully considered but they are 
not persuasive.. 

In response to applicant's argument that the examinees conclusion of 
obviousness is based upon improper hindsight reasoning, it must be recognized that 
any judgment on obviousness is in a sense necessarily a reconstruction based upon 
hindsight reasoning. But so long as it takes into account only knowledge which was 
within the level of ordinary skill at the time the claimed invention was made, and does 
not include knowledge gleaned only from the applicant's disclosure, such a 
reconstruction is proper. See In re McLaughlin, 443 F.2d 1392, 170 USPQ 209 (CCPA 
1971 ). In the present application, the rejection was made by specifically pointing out 
passages of references (e.g., Pinkert) in which the motivation to combine was stated. 

In response to applicant's arguments against the references individually, one 
cannot show nonobviousness by attacking references individually where the rejections 
are based on combinations of references. See In re Keller, 642 F.2d 413, 208 
USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 
1986). In the present application, the rejection was made by pointing out that the tickets 
of Kerberos (as noted in references such as Schneier) require the recited features of the 
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claims (such as the search and reply systems that were mentioned in the Remarks 
section of the arguments filed 12/10/2003). 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 1 02 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-25 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Schneier (Applied Cryptography Second Edition: protocols, algorithms, and source code 
in C, 1996) and Pinkert et al. (Operating systems: concepts, policies, and mechanisms, 
1989, prentice-hall, pp. 205-207). 

Regarding claim 1 , Schneier teaches Awherein the search results for the search 
match results for the key words are ... in which a search match for a first number of the 
one or more search engines is displayed ... (page 567, especially how Kerberos uses 
tickets)" 

These passages of Schneier do not teach "aliases" 

Pinkert teaches "aliases (page 205, such as at last paragraph which explicitly 
mentions aliases)" for the motivation of "allowing users to reference the same physical 
file by different logical names." As can be noted from Pinkert, aliases are sometimes 
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used as alternate names for a single access (such as by a single entity or a single 
user). This is the type of alias use that in the claimed invention. 

It would have been obvious to those of ordinary skill in the art at the time of the 
claimed invention to combine the teachings of Schneier with the teachings of Pinkert for 
the motivation noted in the previous paragraphs so as to teach the claimed invention. 

Regarding claim 2, Schneier teaches such Amethod of claim 1 wherein the first 
party is a domain controller (page 567, i.e. Kerberos, which handles such domain 
controller situations)." 

Regarding claim 3, such Athe method of claim 2 wherein the domain controller 
includes a directory service and a Global Catalog Service" are well known in the art for 
the motivation of connecting computers on networks (such as local area networks). 

Regarding claim 4, such Schneier teaches Athe method of claim 1 wherein the 
authentication of the service is provided via Kerberos (page 567, i.e. Kerberos)" 

Regarding claim 5, such Athe method of claim 1 wherein the aliases are Service 
Principal Names" are well known in the art for the motivation of easily implementing 
(because such SPN=s are easily availiable). 

Regarding claim 6, such Athe method of claim 5 wherein the Service Principal 
Names further comprise at least one of a Service Type, an Instance Name, a Port 
Number, a Service Name and a Domain" are well known in the art for the motivation of 
easily implementing (because such types of names are easily availiable). 

Regaarding claim 7, such Athe method of claim 5 wherein the Service Principal 
Names are associated with an account related to a server are well known in the art for 
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the motivation of easily implementing (because such types of names are easily 
availiable, such as from the server). 

Regarding claim 8, such Athe method of claim 7 wherein the step of searching a 
list of aliases further comprises the steps of: searching the account for an associated 
Service Principal name; and providing name cannonicalization by returning a ticket 
related to the account" are well known in the art for the motivation of efficient handling of 
names in security situations. 

Regarding claim 9, Schneier teaches Aa domain controller for facilitating a client 
authenticating a server, 
comprising (page 566, i.e. Kerberos model): 

a system for providing a plurality of ... which the client may employ to 
authenticate to the server (page 567, i.e. Kerberos). 

These passages of Schneier do not teach "aliases." 

Pinkert teaches "aliases (page 205, such as at last paragraph which explicitly 
mentions aliases)" for the motivation of "allowing users to reference the same physical 
file by different logical names." As can be noted from Pinkert, aliases are sometimes 
used as alternate names for a single access (such as by a single entity or a single 
user). This is the type of alias use that in the claimed invention. 

It would have been obvious to those of ordinary skill in the art at the time of the 
claimed invention to combine the teachings of Schneier with the teachings of Pinkert for 
the motivation noted in the previous paragraphs so as to teach the claimed invention. 
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Regarding claim 10, Scheiner teaches a system for facilitating a client 
authenticating a server, comprising: a domain controller operatively coupled to the client 
and server, the domain controller providing a plurality of ... which permit the client to 
authenticate the server via at least one of the ... (pages 567, i.e. Kerberos). 

These passages of Schneier do not teach "aliases." 

Pinkert teaches "aliases (page 205, such as at last paragraph which explicitly 
mentions aliases)" for the motivation of "allowing users to reference the same physical 
file by different logical names." As can be noted from Pinkert, aliases are sometimes 
used as alternate names for a single access (such as by a single entity or a single 
user). This is the type of alias use that in the claimed invention. 

It would have been obvious to those of ordinary skill in the art at the time of the 
claimed invention to combine the teachings of Schneier with the teachings of Pinkert for 
the motivation noted in the previous paragraphs so as to teach the claimed invention. 

Regarding claim 1 1 , Schneier teaches a system for facilitating authentication of a 
service, comprising: 

means for receiving a request for authentication of the service from a client, the 
request including a first ... (page 566, Kerberos Model); 

means for searching a list of ... associated with the service (page 567, Kerberos); 

means for enabling the client to access the service if a match is found between 
the first ... and at least one ... of the list of ... (page 567, Kerberos). 

These passages of Schneier do not teach "aliases" 
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Pinkert teaches "aliases (page 205, such as at last paragraph which explicitly 
mentions aliases)" for the motivation of "allowing users to reference the same physical 
file by different logical names." As can be noted from Pinkert, aliases are sometimes 
used as alternate names for a single access (such as by a single entity or a single 
user). This is the type of alias use that in the claimed invention. 

It would have been obvious to those of ordinary skill in the art at the time of the 
claimed invention to combine the teachings of Schneier with the teachings of Pinkert for 
the motivation noted in the previous paragraphs so as to teach the claimed invention. 

Regarding claim 12 (the system of claim 1 1 including a means for generating an 
implicit list facilitating automatic creation of Service Principal Names), claim 13 (the 
system of claim 12 further including a means for constraint checking in order to prevent 
authentication to an unauthorized server), claim 14 (the system of claim 13 wherein the 
means for constraint checking includes a Host Name and an attribute), claim 15 (the 
system of claim 14 wherein the means for constraint checking includes having a means 
for determining if a server is authentic by matching the Host Name with the attribute), 
these features are taught by the prior art for the reasons noted in the rejections of 
claims 1-10 (Schneier teaching such security features, Pinkert teaching such alias 
handling, the prior art as a whole teaching other features for the motivations noted in the 
rejections of claims 1-10). 

Regarding claim 16, Schneier teaches a system for facilitating authentication of a 
service, comprising: 
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a domain controller for receiving a request for authentication of the service from a 
client, the request including a first ...(page 567, Kerberos); 

wherein the domain controller searches a list of ... in an account associated with 
the service (page 567, Kerberos); 

wherein the domain controller enables the client to access the service via a ticket 
if a match is found in the account between the first ... and at least one ... of the list of ... 
(page 567, Kerberos).. 

These passages of Schneier do not teach "aliases" 

Pinkert teaches "aliases (page 205, such as at last paragraph which explicitly 
mentions aliases)" for the motivation of "allowing users to reference the same physical 
file by different logical names." As can be noted from Pinkert, aliases are sometimes 
used as alternate names for a single access (such as by a single entity or a single 
user). This is the type of alias use that in the claimed invention. 

It would have been obvious to those of ordinary skill in the art at the time of the 
claimed invention to combine the teachings of Schneier with the teachings of Pinkert for 
the motivation noted in the previous paragraphs so as to teach the claimed invention. 

Regarding claim 17 (the system of claim 16 wherein the aliases are Service 
Principal Names), claim 18 (the system of claim 17 wherein the Service Principal 
Names further comprise at least one of a Service Type, an Instance Name, a Port 
Number, a Service Name and a Domain), claim 19 (the system of claim 16 further 
including an implicit list to facilitate automatic creation of Service Principal Names), 
claim 20 (the system of claim 19 further including constraint checking in order to prevent 



Application/Control Number: 09/560,079 Page 9 

Art Unit: 2134 

authentication to an unauthorized server), claim 21 (the system of claim 20 wherein the 
constraint checking includes a Host Name and an attribute), claim 22 (the system of 
claim 21 wherein the constraint checking includes determining if a server is authentic by 
matching the Host Name with the attribute), these features are taught by the prior art for 
the reasons noted in the rejections of claims 1-15 (Schneier teaching such security 
features, Pinkert teaching such alias handling, the prior art as a whole teaching other 
features for the motivations noted in the rejections of claims 1-15). 

Regarding claim 23 (the system of claim 16 further including a referral service for 
directing the client to another domain), claim 24 (the system of claim 23 wherein the 
domain the client is directed to may refer the client to another domain), claim 25 (the 
system of claim 16 wherein improved security is provided for replicated services by 
including the name of the replicated service within a Service Principal Name), these 
features are taught by the prior art for the reasons noted in the rejections of claims 1-22 
(Schneier teaching such security features, Pinkert teaching such alias handling, the 
prior art as a whole teaching other features for the motivations noted in the rejections of 
claims 1-22). 

Conclusion 

The art made of record and not relied upon is considered pertinent to applicant's 
disclosure. The art disclosed general background. They were cited in the previous 
Office Action. 
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THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the mailing date of this final action. 

Points of Contact 

Any comments considered necessary by applicant must be submitted no later than the 
payment of the issue fee and, to avoid processing delays, should preferably accompany 
the issue fee. Such submissions should be clearly labeled "Comments on Statement of 
Reasons for Allowance." 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
Washington, D.C. 20231 
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or faxed to: 



(703) 746-7239, (for formal communications intended for entry) 



Or: 



(703) 746-5606 (for informal or draft communications, please label "PROPOSED" or 
"DRAFT") 

Hand-delivered responses should be brought to Crystal Park II, 2121 Crystal Drive, 
Arlington. VA., Sixth Floor (Receptionist). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to David Jung whose telephone number is (703) 308-5262 
or Greg Morse whose telephone number is (703) 308-4789. 



David Jung 
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